6831845d55c74e7533b9fa45fbc2a20062ba711607aaacc4d0cc44788ac1759b | Triage

Analysis

max time kernel
141s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20230703-en
resource tags

arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
submitted
16-08-2023 06:42

Sharing

Report Analysis Logs

General

Target

sas.cer
Size

716B
MD5

36629362fafba1f33bb5c13137052c7e
SHA1

fac45c2e966bf8d6bd0f53d0020bb8fe9249be60
SHA256

6831845d55c74e7533b9fa45fbc2a20062ba711607aaacc4d0cc44788ac1759b
SHA512

ecfde1545eb918ae3fca6daf9a14a1573649bc68a0c47c2402082868deb2401a9063d64066a2d375c25f166188f97e760fad552f2ccca35f160279b9fc99a393

Score

8^/10

Malware Config

Signatures

Blocklisted process makes network request 1 IoCs

flow	pid	Process
3	1780	rundll32.exe

C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe cryptext.dll,CryptExtOpenCER C:\Users\Admin\AppData\Local\Temp\sas.cer
1⤵
- Blocklisted process makes network request
PID:1780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads